14.3.3. Firewall Considerations

If you are performing the installation where the VNC viewer system is a workstation on a different subnet from the target system, you may run in to network routing problems. VNC works fine so long as your viewer system has a route to the target system and ports 5900 and 5901 are open. If your environment has a firewall, make sure ports 5900 and 5901 are open between your workstation and the target system.

In addition to passing the vnc boot parameter, you may also want to pass the vncpassword parameter in these scenarios. While the password is sent in plain text over the network, it does provide an extra step before a viewer can connect to a system. Once the viewer connects to the target system over VNC, no other connections are permitted. These limitations are usually sufficient for installation purposes.

Important

Be sure to use a temporary password for the vncpassword option. It should not be a password you use on any systems, especially a real root password.

If you continue to have trouble, consider using the vnc vncconnect parameter. In this mode of operation, you start the viewer on your system first telling it to listen for an incoming connection. Pass vnc vncconnect=HOST[:port] at the boot prompt and the installer will attempt to connect to the specified HOST (either a hostname or IP address). Specifying the port is optional.